Hi,
with the previous release of the CPU Jitter RNG ([1]), concerns were raised
on
the presence of entropy in the CPU execution timing. With this new version
of
the CPU Jitter RNG, a new noise source based on memory access timings is
now
added and the concerns raised before are addressed with additional analyses
given in [2] section 6.1.
This additional noise source is again covered with extensive testing
documented in [2] section 6.2. The test results allowed the explanation of
the
basics of that memory access noise source.
To analyze the two noise sources, a bare metal testing program is used as
documented in [2] section 6.3. That bare metal testing allows the analysis
of
the noise source without interference of an OS and interrupts.
Furthermore, for the already existent noise source of the CPU execution
timing, more analysis of the behavior of the CPU is provided in [2] section
6.1. The analysis, however, showed CPU behavior that cannot easily be
explained. The testing shows that there is a possibility to eliminate the
CPU
execution timing jitter for one particular measurement using a
serialization
instruction. That elimination of timing jitter, however, was not visible
when
the individual rounds of the RNG were tested. That means that the
elimination
of timing jitter in one special case did not show any effects on the
behavior
of the RNG.
The following set of patches integrate the CPU Jitter RNG as a fallback
noise
source into /dev/random. The reason for using it as a fallback only is the
conceptual difference of the CPU Jitter RNG to the other noise sources: all
other noise sources are a push mechanism whereas the CPU Jitter RNG works
by
pulling bits on demand. Due to the speed of the Jitter RNG, it has the
capability of monopolizing all other noise sources which is prevented by
only
invoking it when the lower entropy threshold of the Linux RNG is reached.
Ciao
Stephan
[1] http://thread.gmane.org/gmane.linux.kernel/1577419/focus=1586212
[2] http://www.chronox.de/jent/doc/CPU-Jitter-NPTRNG.html
--
| Cui bono? |